Protecting cryptographic keys and computations via virtual secure coprocessing

Published: 01 March 2005

Abstract

Cryptographic processing is a critical component of secure networked computing systems. The protection offered by cryptographic processing, however, greatly depends on the methods employed to manage, store, and exercise a user's cryptographic keys. In general, software-only key management schemes contain numerous security weaknesses. Thus, many systems protect keys with distributed protocols or supplementary hardware devices, such as smart cards and cryptographic coprocessors. However, these key protection mechanisms suffer from combinations of user inconvenience, inflexibility, performance penalties, and high cost.

In this paper, we propose architectural enhancements for general-purpose processors that protect core secrets by facilitating virtual secure coprocessing (VSCoP). We describe modest hardware modifications and a trusted software library that allow common computing devices to perform flexible, high-performance, and protected cryptographic computation. The hardware additions include a small key store in the processor, encryption engines at the cache-memory interface, a few new instructions, and minor hardware platform modifications. With these enhancements, users can store, transport, and employ their secret keys to safely complete cryptographic operations in the presence of insecure software. In addition, we provide a foundation with which users can more securely access their secret keys on any Internet-connected computing device (that supports VSCoP) without requiring auxiliary hardware such as smart cards.

Cited By

  • (2022) SecSoC: A Secure System on Chip Architecture for IoT Devices. 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 41-44. DOI: 10.1109/HOST54066.2022.9839995. Online publication date: 27-Jun-2022.
  • (2009) Injecting trust to cryptographic key management. Proceedings of the 11th international conference on Advanced Communication Technology - Volume 2, pp. 1197-1201. DOI: 10.5555/1701835.1701891. Online publication date: 15-Feb-2009.
  • (2008) Trustworthy Computing under Resource Constraints with the DOWN Policy. IEEE Transactions on Dependable and Secure Computing, 5(1), pp. 49-61. DOI: 10.1109/TDSC.2007.70227. Online publication date: 1-Jan-2008.
  • (2006) NIS05-3: On the Feasibility of Very Low Complexity Trust Modules Using PKPS Synergies. IEEE Globecom 2006, pp. 1-5. DOI: 10.1109/GLOCOM.2006.287. Online publication date: Nov-2006.
  • (2005) Architecture for Protecting Critical Secrets in Microprocessors. ACM SIGARCH Computer Architecture News, 33(2), pp. 2-13. DOI: 10.1145/1080695.1069971. Online publication date: 1-May-2005.
  • (2005) Architecture for Protecting Critical Secrets in Microprocessors. Proceedings of the 32nd annual international symposium on Computer Architecture, pp. 2-13. DOI: 10.1109/ISCA.2005.14. Online publication date: 4-Jun-2005.

Published In

ACM SIGARCH Computer Architecture News, Volume 33, Issue 1, March 2005 (special issue: Workshop on architectural support for security and anti-virus, WASSA), 159 pages. ISSN: 0163-5964. Issue DOI: 10.1145/1055626.
Publisher: Association for Computing Machinery, New York, NY, United States.